<?php
header('Content-Type: text/html; charset=utf-8');
require_once dirname(__FILE__) . '/../../../incls/php/dbutils.class.php';
require_once dirname(__FILE__) . '/../../../incls/php/miscutils.class.php';
require_once dirname(__FILE__) . '/../../../incls/php/config.php';
require_once dirname(__FILE__) . '/../../../libs/phpMailer/class.phpmailer.php';
require_once dirname(__FILE__) . '/../../../incls/php/ecomutils.class.php';

session_name(SESSION);
session_start();
$myPdo = DbUtils::createPdoInst();
$action = MiscUtils::getParam('action', '');
try {
  $myPdo->beginTransaction();
  switch ($action) {
    case 'remove_addr':
      remove_addr($myPdo);
      break;
    case 'update_addr':
      update_addr($myPdo);
      break;
    case 'place_order':
      place_order($myPdo);
      break;
    default:
      break;
  }
  $myPdo->commit();
} catch (PDOException $e) {
  echo $e->getMessage();
}

function remove_addr($myPdo) {
  $id = MiscUtils::getParam('id', 0);
  $is_default = MiscUtils::getParam('is_default', 0);
  $customer_id = MiscUtils::getParam('customer_id', 0);
  $to = MiscUtils::getParam('to', '');
  
  $cond_vals = new stdClass(); 
  $cond_vals->c = 'id = :v1';
  $cond_vals->v = array(':v1' => $id);
  DbUtils::deleteByCond($myPdo,  TABLE_NAME_PREFIX_PLUGIN . 'ecom_customer_addr', $cond_vals);
  
  if ($is_default == 1) {
    $cond_vals = new stdClass(); 
    $cond_vals->c = 't.customer_id = :v1';
    $cond_vals->v = array(':v1' => $customer_id);
    $tmp = DbUtils::get($myPdo,  TABLE_NAME_PREFIX_PLUGIN . 'ecom_customer_addr', $cond_vals, NULL, NULL, NULL, NULL, NULL, NULL)->d;
    if (count($tmp) > 0) {
      $tmp[0]->is_default = 1;
      DbUtils::update($myPdo,  TABLE_NAME_PREFIX_PLUGIN . 'ecom_customer_addr', $tmp[0]);
    }
  }
  
  echo "
  <script>
  location.href = '$to';
  </script>
  ";
  return;
}

function update_addr($myPdo) {
  $to = MiscUtils::getParam('to', '');
  $obj = new stdClass();
  $obj->id = MiscUtils::getParam('update_id', 0);
  $obj->first_name = MiscUtils::getParam('update_first_name', '');
  $obj->last_name = MiscUtils::getParam('update_last_name', '');
  $obj->address1 = MiscUtils::getParam('update_address1', '');
  $obj->address2 = MiscUtils::getParam('update_address2', '');
  $obj->city = MiscUtils::getParam('update_city', '');
  $obj->country = MiscUtils::getParam('update_country', '');
  $obj->zip = MiscUtils::getParam('update_zip', '');
  $obj->phone = MiscUtils::getParam('update_phone', '');
  $obj->email = MiscUtils::getParam('update_email', '');
  $obj->_idx = MiscUtils::getParam('update_idx', '');
  
  unset($_SESSION['update_addr_idx']);
  unset($_SESSION['update_first_name_err']);
  unset($_SESSION['update_last_name_err']);
  unset($_SESSION['update_address1_err']);
  unset($_SESSION['update_address2_err']);
  unset($_SESSION['update_city_err']);
  unset($_SESSION['update_country_err']);
  unset($_SESSION['update_zip_err']);
  unset($_SESSION['update_phone_err']);
  unset($_SESSION['update_email_err']);
  unset($_SESSION['update_first_name']);
  unset($_SESSION['update_last_name']);
  unset($_SESSION['update_address1']);
  unset($_SESSION['update_address2']);
  unset($_SESSION['update_city']);
  unset($_SESSION['update_country']);
  unset($_SESSION['update_zip']);
  unset($_SESSION['update_phone']);
  unset($_SESSION['update_email']);
  
  $err = 0;
  if ($obj->first_name == '') {
    $_SESSION['update_first_name_err'] = 'Can not be empty';
    $err = 1;
  }
  if ($obj->last_name == '') {
    $_SESSION['update_last_name_err'] = 'Can not be empty';
    $err = 1;
  }
  if ($obj->address1 == '') {
    $_SESSION['update_address1_err'] = 'Can not be empty';
    $err = 1;
  }
  if ($obj->city == '') {
    $_SESSION['update_city_err'] = 'Can not be empty';
    $err = 1;
  }
  if ($obj->country == '') {
    $_SESSION['update_country_err'] = 'Can not be empty';
    $err = 1;
  }
  if ($obj->phone == '') {
    $_SESSION['update_phone_err'] = 'Can not be empty';
    $err = 1;
  }
  if ($obj->email == '') {
    $_SESSION['update_email_err'] = 'Can not be empty';
    $err = 1;
  }
  if (!filter_var($obj->email, FILTER_VALIDATE_EMAIL)) {
    $_SESSION['update_email_err'] = 'Not a proper email';
    $is_err = 1;
  }
  
  if ($err == 1) {
    $_SESSION['update_addr_idx'] = $obj->_idx;
    $_SESSION['update_first_name'] = $obj->first_name;
    $_SESSION['update_last_name'] = $obj->last_name;
    $_SESSION['update_address1'] = $obj->address1;
    $_SESSION['update_address2'] = $obj->address2;
    $_SESSION['update_city'] = $obj->city;
    $_SESSION['update_country'] = $obj->country;
    $_SESSION['update_zip'] = $obj->zip;
    $_SESSION['update_phone'] = $obj->phone;
    $_SESSION['update_email'] = $obj->email;
    echo "
    <script>
    location.href = '$to';
    </script>
    ";
    return;
  }
  
  DbUtils::update($myPdo,  TABLE_NAME_PREFIX_PLUGIN . 'ecom_customer_addr', $obj);
  echo "
  <script>
  location.href = '$to';
  </script>
  ";
  return;
}

function place_order($myPdo) {
  $to = MiscUtils::getParam('to', '');
  $from = MiscUtils::getParam('from', '');
  $my_order = json_decode(MiscUtils::getParam('my_order', '[]'));
  $my_order->date = date('Y-m-d');
  $my_order->order_number = date('YmdHis', time());
  
  unset($_SESSION['select_new_addr']);
  unset($_SESSION['new_first_name_err']);
  unset($_SESSION['new_last_name_err']);
  unset($_SESSION['new_address1_err']);
  unset($_SESSION['new_address2_err']);
  unset($_SESSION['new_city_err']);
  unset($_SESSION['new_country_err']);
  unset($_SESSION['new_zip_err']);
  unset($_SESSION['new_phone_err']);
  unset($_SESSION['new_email_err']);
  unset($_SESSION['new_first_name']);
  unset($_SESSION['new_last_name']);
  unset($_SESSION['new_address1']);
  unset($_SESSION['new_address2']);
  unset($_SESSION['new_city']);
  unset($_SESSION['new_country']);
  unset($_SESSION['new_zip']);
  unset($_SESSION['new_phone']);
  unset($_SESSION['new_email']);
  
  if (isset($my_order->_n)) {
    $err = 0;
    if ($my_order->first_name == '') {
      $_SESSION['new_first_name_err'] = 'Can not be empty';
      $err = 1;
    }
    if ($my_order->last_name == '') {
      $_SESSION['new_last_name_err'] = 'Can not be empty';
      $err = 1;
    }
    if ($my_order->address1 == '') {
      $_SESSION['new_address1_err'] = 'Can not be empty';
      $err = 1;
    }
    if ($my_order->city == '') {
      $_SESSION['new_city_err'] = 'Can not be empty';
      $err = 1;
    }
    if ($my_order->country == '') {
      $_SESSION['new_country_err'] = 'Can not be empty';
      $err = 1;
    }
    if ($my_order->phone == '') {
      $_SESSION['new_phone_err'] = 'Can not be empty';
      $err = 1;
    }
    if ($my_order->email == '') {
      $_SESSION['new_email_err'] = 'Can not be empty';
      $err = 1;
    }
    if (!filter_var($my_order->email, FILTER_VALIDATE_EMAIL)) {
      $_SESSION['new_email_err'] = 'Not a proper email';
      $is_err = 1;
    }
    
    if ($err == 1) {
      $_SESSION['new_first_name'] = $my_order->first_name;
      $_SESSION['new_last_name'] = $my_order->last_name;
      $_SESSION['new_address1'] = $my_order->address1;
      $_SESSION['new_address2'] = $my_order->address2;
      $_SESSION['new_city'] = $my_order->city;
      $_SESSION['new_country'] = $my_order->country;
      $_SESSION['new_zip'] = $my_order->zip;
      $_SESSION['new_phone'] = $my_order->phone;
      $_SESSION['new_email'] = $my_order->email;
      $_SESSION['select_new_addr'] = 1;
      echo "
      <script>
      location.href = '$from';
      </script>
      ";
      return;
    }
  }
  
  DbUtils::add($myPdo,  TABLE_NAME_PREFIX_PLUGIN . 'ecom_order', $my_order);
  $my_order->id = $myPdo->lastInsertId();
  
  if (isset($my_order->_n) && $my_order->customer_id != 0) {
    $obj = new stdClass();
    $obj->customer_id = $my_order->customer_id;
    $obj->first_name = $my_order->first_name;
    $obj->last_name = $my_order->last_name;
    $obj->address1 = $my_order->address1;
    $obj->address2 = $my_order->address2;
    $obj->city = $my_order->city;
    $obj->country = $my_order->country;
    $obj->zip = $my_order->zip;
    $obj->phone = $my_order->phone;
    $obj->email = $my_order->email;
    $obj->is_default = 0;
    
    $cond_vals = new stdClass(); 
    $cond_vals->c = 't.customer_id = :v1';
    $cond_vals->v = array(':v1' => $my_order->customer_id);
    $opt = new stdClass();
    $opt->select_expr = 'COUNT(t.id) AS _count';
    $tmp = DbUtils::get($myPdo,  TABLE_NAME_PREFIX_PLUGIN . 'ecom_customer_addr', $cond_vals, NULL, NULL, NULL, NULL, $opt)->d[0]->_count;
    if ($tmp == 0) {
      $obj->is_default = 1;
    }
    DbUtils::add($myPdo,  TABLE_NAME_PREFIX_PLUGIN . 'ecom_customer_addr', $obj);
  }
  
  foreach ($_SESSION['my_cart'] as &$pur) {
    $pur->customer_id = $my_order->customer_id;
    $pur->order_id = $my_order->id;
    DbUtils::add($myPdo,  TABLE_NAME_PREFIX_PLUGIN . 'ecom_purchase', $pur);
  }
  
  EComUtils::update_stock($myPdo, $my_order, false);
  
  unset($_SESSION['my_cart']);
  setcookie('my_cart', json_encode(array()), time() - 3600);
  
  $profile = new stdClass();
  $tmp = DbUtils::get($myPdo, TABLE_NAME_PREFIX_PLUGIN . 'user_profile', NULL, NULL, NULL, NULL, NULL, NULL)->d;
  if (count($tmp) > 0) {
    $profile = $tmp[0];
  }

  try {
    $tmp_file = "../../../tmp/$my_order->order_number.pdf";
    require_once dirname(__FILE__) . '/../../../libs/MPDF56/mpdf.php';
    $mpdf = new mPDF('c'); 
    $mpdf->SetDisplayMode('fullpage');
    // LOAD a stylesheet
    $stylesheet = file_get_contents('http://' . URL . 'incls/php/ecomorder.print.php?secret_pass=0&id=' . $my_order->order_number); 
    $mpdf->WriteHTML($stylesheet);
    
    $mpdf->Output($tmp_file);

    $mailer = new PHPMailer();
    $mailer->IsSMTP();
    $mailer->Host = SMTP_HOST;
    $mailer->CharSet = "UTF-8";
    
    $content = "
    <div style=\"font-family: Lucida Sans Unicode;\">Hi $my_order->first_name $my_order->last_name,</div>
    <div>&nbsp;</div>
    <div style=\"font-family: Lucida Sans Unicode;\">Thanks for purchasing from us.</div>
    <div>&nbsp;</div>
    <div style=\"font-family: Lucida Sans Unicode;\">Please see attachment file for your order details</div>
    <ul>
      <li style=\"font-family: Lucida Sans Unicode;\"><a href=\"http://" . URL . '?i=' . HOME_PROD_ID . "&script=index_paynow&pay=$my_order->order_number\">Click here</a> to pay (if you have not paid yet)</li>
      <li style=\"font-family: Lucida Sans Unicode;\"><a href=\"http://" . URL . '?i=' . HOME_PROD_ID . "&script=index_paynow&pay=$my_order->order_number&my_order=$my_order->order_number\">Click here</a> to track the status of your order</li>
    </ul>
    <div>&nbsp;</div>
    <div style=\"font-family: Lucida Sans Unicode;\">Best regards,</div>
    <div>&nbsp;</div>
    <div style=\"font-family: Lucida Sans Unicode;\">Yours Sincerely $profile->shop_name</div>
    ";
    
    $mailer->SMTPAuth = true;
    $mailer->Username = SMTP_USER_ATDN;
    $mailer->Password = SMTP_PASS_ATDN;
    $mailer->From = $profile->email;
    $mailer->FromName = $profile->shop_name;
    
    $mailer->Body = $content;
    $mailer->Subject = 'Order#' . $my_order->order_number;
  
    $mailer->isHTML(true);
    $mailer->AddAddress($my_order->email, $my_order->first_name);
    $mailer->AddAttachment($tmp_file);
    
    $mailer->Send();
  } catch (phpmailerException $e) {
    echo $e->errorMessage(); //Pretty error messages from PHPMailer
  } catch (Exception $e) {
    echo $e->getMessage(); //Boring error messages from anything else!
  }
  
  if (file_exists($tmp_file)) {
    @unlink($tmp_file);
  }
  
  echo "
  <script>
  parent.location.href = '$to" . "&pay=$my_order->order_number" . "';
  </script>
  ";
  return;
}
?>
